Institute for Software Research
School of Computer Science, Carnegie Mellon University
Trust Me: Design Patterns for Constructing
Privacy threats also abound on the Internet, but unlike security threats, concerns about privacy threats are nuanced; not everyone cares what a website may do with personal information. To address the varying privacy needs of Internet users, privacy information can be conveyed using contextual indicators that represent privacy policies, because natural language privacy policies are notoriously difficult to read.
In this thesis I qualitatively examine online trust indicators across three varying contexts: web browser phishing warnings, web browser SSL warnings, and indicators that represent website privacy policies. I create guidelines for overcoming many common trust indicator failures, and then I validate these guidelines. I examine these different contexts using a model from the warning sciences in order to shed light on how common failures can be avoided and how design concerns change based on context. I used the results of several user studies that I conducted to compile a set of design patterns for online trust indicators that help designers overcome many common indicator failures. Finally, I highlight the different design considerations between high-risk warnings and contextual indicators.